Prevent the user from launching containers which are not published by a certain vendor.
Automatically garbage collect stopped containers.
Prevent privileged mode (@progrium).
Kill/stop a container some time after it was started (@progrium).
Audit trail.
More complicated ideas:
Implement user control - a particular user can only list, start and stop their own containers. Would need to find a way of making the adapters aware of the caller somehow. We could tie it to the Unix user system and expose powerstrip on a socket. Setuid root binaries might make this entirely insecure.
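A sketch of the policy check behind two of the simpler ideas above (restricting images to a certain vendor and preventing privileged mode), added here as an example and not taken from Powerstrip. It assumes the adapter is handed the JSON body of a Docker create-container request; ALLOWED_PUBLISHERS, publisher, check_create and the "examplecorp" namespace are hypothetical names.

```python
import json

# Assumption: (registry, namespace) pairs trusted on this host (constructed values).
ALLOWED_PUBLISHERS = {("docker.io", "examplecorp")}


def publisher(image):
    """Split an image reference into (registry, namespace); namespace is None if absent."""
    name = image.split("@", 1)[0]          # drop any digest
    parts = name.split("/")
    registry = "docker.io"                 # default when no registry host is given
    # A first component with "." or ":" (or "localhost") names a registry host.
    if len(parts) > 1 and ("." in parts[0] or ":" in parts[0] or parts[0] == "localhost"):
        registry, parts = parts[0], parts[1:]
    vendor = parts[0].lower() if len(parts) > 1 else None
    return registry.lower(), vendor


def check_create(body):
    """Return (allowed, reason) for a create-container request body. Fails closed."""
    try:
        spec = json.loads(body)
    except ValueError:
        return False, "unparseable body"
    if not isinstance(spec, dict):
        return False, "unparseable body"
    host_config = spec.get("HostConfig") or {}
    if not isinstance(host_config, dict):
        return False, "unparseable body"
    if host_config.get("Privileged"):
        return False, "privileged mode is not allowed"
    image = spec.get("Image")
    # Matching on the namespace alone would accept the same name on another registry.
    if not isinstance(image, str) or publisher(image) not in ALLOWED_PUBLISHERS:
        return False, "image publisher is not allowed"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample request body.
    sample = '{"Image": "examplecorp/web:1.2", "HostConfig": {"Privileged": true}}'
    print(check_create(sample))
```

The check denies anything it cannot parse, so a malformed or unexpected request body is rejected by default.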